Vulnerability   
Search   
    Search 202850 CVE descriptions
and 87302 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.60123
Category:CGI abuses
Title:eggBlog < 3.0 Admin password change
Summary:NOSUMMARY
Description:Description:

The installed version of eggBlog according to the version
number, allows attackers to remotely change the password
of administrators via a modified username parameter.

Versions prior to 3.0 are known to be vulnerable.

Solution : Upgrade to a later version.

Risk factor : High

CVSS Score:
7.5

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2006-2727
Bugtraq: 20060528 Advisory: Eggblog <= 3.x Multiple Remote Vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/435284/100/0/threaded
Bugtraq: 20060529 RE: Advisory: Eggblog <= 3.x Multiple Remote Vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/435300/100/0/threaded
http://www.nukedx.com/?viewdoc=36
http://securityreason.com/securityalert/1005
XForce ISS Database: eggblog-register-security-bypass(26833)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26833
CopyrightCopyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 87302 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.